60a76da374
Allow deleting tickets by ID
2022-12-15 18:31:18 -05:00
75fc560d19
Handle cases where the framework module is nil
2022-12-15 18:31:18 -05:00
830e850160
Add more docs
2022-12-15 18:31:18 -05:00
663dee982e
Expose an abstract stored ticket object
2022-12-15 18:31:18 -05:00
fea259f6e7
Switch everything to use the ticket storage
2022-12-15 18:31:14 -05:00
b2a4bea761
Breakout the ticket storage backend drivers
2022-12-15 18:29:00 -05:00
686b946c5b
Use a new TicketStorage class
...
The goal is to provide an abstraction for how Kerberos tickets are
persisted to disk.
2022-12-15 18:28:54 -05:00
5f52ebeea7
Consolidate the loot_info UID string
2022-12-15 18:26:32 -05:00
a9ccfe31b7
Merge branch 'upstream-master' into merge-msf-6.2.31-into-kerberos-feature-branch
2022-12-13 19:40:39 +00:00
a80db73bab
Land #17325 , add impersonation for get_ticket
...
Enable the `get_ticket` module to impersonate a user with S4U2self and S4U2proxy
2022-12-12 09:10:37 -05:00
d239e9b007
Don't autoload krb5Pac
2022-12-06 13:01:47 +00:00
1e2ada3cce
Add options validation depending on action in forge_ticket.rb
2022-12-06 12:55:42 +00:00
405271a52f
Add pac BinData Model
2022-12-05 14:03:21 +00:00
431804ef15
Fix typos: Replace 'the the' with 'the'
2022-12-04 17:41:24 +11:00
c6f8bae1ab
Fix from code review and updates the KrbUseCachedCredentials logic
2022-12-02 15:28:08 +01:00
cc61a26668
Add S4U2Self and S4U2Proxy support to impersonate a user
2022-12-01 20:42:13 +01:00
d3057f15b2
Land #17275 , Add Exploit For CVE-2022-41082 (ProxyNotShell)
2022-11-30 18:16:19 +01:00
750192afa4
Add pkinit error codes
2022-11-29 10:36:10 +00:00
cd828a82c8
Fix the DH key construction for OpenSSL3
2022-11-28 14:54:10 -05:00
abe0549db6
Land #17226 , Module to request TGT/TGS tickets
...
Module to request TGT/TGS Kerberos tickets from the KDC
2022-11-28 11:59:17 -05:00
f24df8a051
Change an exception class and drop DOMAIN passing
2022-11-28 10:06:14 -05:00
009c6c5350
Add the MaxBackendRetries datastore option
2022-11-28 09:45:04 -05:00
3805a79079
Add support for Exchange Data Access Group (DAG)
...
This updates the HttpSsrf class to retry requests to the Powershell
backend when they fail because they were routed to a new server. Now
when the transport is initialized, it will store the backend used by the
first successful request.
2022-11-23 15:37:58 -05:00
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
d1a7170020
Land #17021 , Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
8efc6c5304
Land #17103 , Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:27:17 +00:00
7c2134d941
Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:08:26 +00:00
65f6aaca82
Land #17077 , Add support for AES keys for silver/golden ticket forging
2022-11-09 16:51:11 +00:00
23ff829e52
Add support for AES keys for silver/golden ticket forging
2022-11-09 13:01:13 +00:00
645a1c25a3
Update method documentation and indentation
2022-11-09 16:27:31 +07:00
13bb31feeb
Update module
...
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessfull but keep this anyway for christophe to review.
2022-11-09 04:52:18 +07:00
37fd441b0f
Land #17117 , Authenticate to Kerberos with PKINIT
2022-11-08 18:54:03 +01:00
a50cca27e6
remove cookie_jar manipulation
2022-11-09 00:48:23 +07:00
52d867bbc7
follow Ruby coding convetions
...
- combine gitea_version into get_gitea_version for the check method
- validate empty username
2022-11-09 00:41:30 +07:00
c980f4f9ee
add more custom error exception
2022-11-09 00:27:12 +07:00
e70861fc87
Land #17239 , Fix broken kerberos login module
2022-11-08 11:21:17 -05:00
30fe07801b
Fix broken kerberos login module
2022-11-08 15:49:21 +00:00
540984804d
Apply suggestions from code review
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-08 14:09:31 +07:00
c1d092b70d
Minor tweaks
...
Filter out enrollable certs by default and print the warning higher. Add
periods to all messages for consistency. Drop the message from
vprint_good to vprint_status when the query works.
2022-11-07 10:37:12 -05:00
ee46d18505
Add yard docs and address review comments
2022-11-07 12:10:01 +00:00
a110465fe4
Add module for converting kerberos ticket formats
2022-11-07 12:10:01 +00:00
79ac775443
Perform updates from code review.
2022-11-04 15:44:28 -05:00
8922e5b203
Add in first initial implementation of ESC module and updates to associated libraries.
2022-11-04 15:43:34 -05:00
eb051ec9a7
Add get_ticket module
2022-11-04 18:46:47 +01:00
6e453a3f4f
Fix a bug in #extract_user_and_realm
...
While iterating over asn_san_seq, if the tag doesn't match either of the
two conditions, user and domain will be nil which leads to a problem
later on.
2022-11-03 10:51:52 -04:00
45ddcf02c9
Remove unused mix in, add low bound to check
2022-11-01 10:42:43 -05:00
af9175325b
Update lib/msf/core/exploit/remote/http/webmin/login.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-11-01 10:42:42 -05:00
ad5b03ed96
Finished TODOs and added docs
2022-11-01 10:40:00 -05:00
7774b7ddcf
Merge remote-tracking branch 'upstream/master' into merge-6.2.25-master-into-kerberos-feature-branch
2022-10-31 23:15:11 +00:00
fa7d677d45
Consolidate and improve LDAP error handling
2022-10-31 10:56:17 -04:00
Spencer McIntyre